Vega-functions Project

Vega-functions

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-66648

Exploit
  • EPSS 0.05%
  • Veröffentlicht 05.01.2026 21:33:14
  • Zuletzt bearbeitet 05.02.2026 21:27:13

vega-functions provides function implementations for the Vega expression language. Prior to version 6.1.1, for sites that allow users to supply untrusted user input, malicious use of an internal function (not part of the public API) could be used to ...

6.1

CVE-2025-26619

Exploit
  • EPSS 0.25%
  • Veröffentlicht 27.03.2025 13:51:38
  • Zuletzt bearbeitet 11.04.2025 16:12:33

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In `vega` 5.30.0 and lower and in `vega-functions` 5.15.0 and lower , it was possible to call JavaScript functions from the Veg...

6.1

CVE-2023-26486

Exploit
  • EPSS 0.2%
  • Veröffentlicht 04.03.2023 00:15:15
  • Zuletzt bearbeitet 21.11.2024 07:51:37

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. The Vega `scale` expression function has the ability to call arbitrary functions with a single controlled argument. The scale e...

6.1

CVE-2023-26487

Exploit
  • EPSS 0.19%
  • Veröffentlicht 04.03.2023 00:15:15
  • Zuletzt bearbeitet 21.11.2024 07:51:37

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs.`lassoAppend' function accepts 3 arguments and internally invokes `push` function on the 1st argument specifying array consistin...